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REMARKS 



Claims 1-28 arc pending in the present application. Claims 1, 3, 5-10, 12-19 and 
21-28 have been amended. No claims have been added, and no claims have been 
canceled. Applicant has carefully considered the cited art and the Examiner's comments, 
and b elieves the claims patentably distinguish over the cited art in their present form. 
Reconsideration of the rejection is, accordingly, respectfully requested in view of the 
above amendments and the following comments. 

The specification has been amended to correct typographical errors noted therein. 
No new matter has been introduced by any of the amendments. In addition, claims 1, 3, 
5-10, 12-19 and 21-28 have been amended to correct typographical errors and to ensure 
clear antecedent basis for all terminology therein. 

L 35 U.S.C. 8 103» Obviousness - Claims 1-8, 10-17. 19-26, and 28 

The Examiner has rejected claims 1-8, 10-17, 19-26, and 28 under 35 U.S.C. § 
103(a) ad being unpatentable over Pinkert (Pinkert and Wear, Operating Systems, 
Concepts, Policies, and Mechanisms, Prentice Hall, 1989, pgs 4, 205-207). This rejection 
is respectfully traversed. 

In rejecting the claims, the Examiner states as follows: 

Regarding claim 1, Pinkert teaches "A security policy method comprising 
the steps of: associating wildcarded resource identifiers with a corresponding 
security policy (page 4, the third paragraph, i.e. resource management, guardian); 
and matching a resource identifier received in an access request to one of a list of 
said wildcarded resource identifiers, wherein said matching is determined in 
accordance with a predetermined set of precedence values, each precedence value 
of said set corresponding to a predetermined wildcard element (pages 205-207, 
i.e. aliases which are a type of wildcarding in the sense that more than one name 
is used with precedence values)"* 

These passages of Pinkert do not explicitly teach f 'policy" in the sense of 
the claim. 

Nevertheless, it was well known in the art to keep the consistency of 
various sets of security techniques within a system at the level of a "policy" which 
is a logical way of solving a problem, instead of explicitly implementing only one 
set of security techniques at the level of a mechanism which is an explicit 
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implementation of such a policy - for the motivation of having flexibility in 
implementation. . 

Hence, it would have heen obvious to those of ordinary skill in the art at 
the time of the claimed invention to modify Pinkert for the motivation noted in the 
previous paragraphs so as to teach the claimed invention. 

Office Action dated November 15, 2005, pages 2-3. 

Claim 1 of the present application is as follows: 

1 . A security policy method comprising the steps of: 

associating wildcarded resource identifiers with a corresponding security 
policy; and 

matching a resource identifier received in an access request to one of a list 
of said wildcarded resource identifiers, wherein said matching is determined in 
accordance with a predetermined set of precedence values, each precedence value 
of said predetermined set of precedence values corresponding to a predetermined 
wildcard element. 

Applicant respectfully submits that Pinkert does not disclose or suggest either the step of 
"associating wildcarded resource identifiers with a corresponding security policy" or the 
step of '"matching a resource identifier received in an access request to one of a list of 
Said wildcarded resource identifiers, wherein said matching is determined in accordance 
with a predetermined set of precedence values, each precedence value of said 
predetermined set of precedence values corresponding to a predetermined wildcard 
element'* as recited in claim 1 . 

In rejecting the claims, the Examiner refers to page 4, third paragraph, of Pinkert 
as disclosing the step of "associating wildcarded resource identifiers with a 
corresponding security policy". Page 4, third paragraph of Pinkert is as follows: 

Although the resource manager and interface approaches provide 
comprehensive descriptions, the operating system is also some more specialized 
things. For example, the operating system is a coordinator. It makes it possible 
for complex activities to be performed in a predefined order. The operating 
system is a guardian. It sets up access controls to protect files, allows restrictions 
on the reading, writing, or executing of data and programs, and keeps users out 
of each other* s hair and out of its own. It may even control who can log into the 
system. 
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Nowhere in the above recitation is there any disclosure or a suggestion of the 
claimed step of "associating wildcarded resource identifiers with a corresponding security 
policy". Pinkert discloses only that it is known that an operating system can set up access 
controls to protect files, and to allow restrictions on the reading, writing or executing of 
data or programs* Nowhere does the reference disclose how this may be accomplished. 
The reference does not at all disclose wildcarded resource identifiers, and certainly does 
not disclose associating wildcarded resource identifiers with a corresponding security 
policy. 

As indicated above, the Examiner acknowledges that Pinkert does not explicitly 
teach "policy" in the sense of the claim. Applicant agrees. Pinkert also does not teach 
wildcarded resource identifiers, and does not teach or suggest "associating wildcarded 
resource identifiers with a corresponding security policy", 

Pinkert also does not teach or suggest the claimed step of '^matching a resource 
identifier received in an access request to one of a list of said wildcarded resource 
identifiers, wherein said matching is determined in accordance with a predetermined set 
of precedence values, each precedence value of said predetermined set of precedence 
values corresponding to a predetermined wildcard element". The Examiner refers to 
pages 205-207 of Pinkert as disclosing this step, and suggests that an alias is a type of 
wildcarding. Applicant respectfully disagrees. 

An alias, as described in Pinkert, is simply a mechanism that allows users to 
reference the same physical file by different logical names. An alias is not a wildcarded 
resource identifier, nor does the description of an alias in Pinkert constitute a teaching of 
1 'matching a resource identifier received in an access request to one of a list of said 
wildcarded resource identifiers, wherein said matching is determined in accordance with 
a predetermined set of precedence values, each precedence value of said predetermined 
set of precedence values corresponding to a predetermined wildcard element 1 * as recited 
in claim 1. Pinkert does not disclose ''matching a resource identifier received in an 
access request to one of a list of said wildcarded resource identifiers", nor does the 
reference disclose "a predetermined set of precedence values", or that "each precedence 
value of said predetermined set of precedence values corresponding to a predetermined 
wildcard element". 
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In the absence of any disclosure in Pinkert of the steps of the method recited in 
claim I , one of ordinary skill in the art having Pinkert before him would not find the 
present invention obvious in view of Pinkert. Accordingly, claim 1 is not unpatentable 
over Pinkert and should be allowable thereover in its present form. 

Claims 2-8 depend from and further restrict claim 1, and should also be allowable 
over Pinkert, at least by virtue of their dependency. In rejecting claims 2-8, the Examiner 
states only that that the features recited in the claims are well-known in the art. Applicant 
respectfully disagrees. Applicant believes, in fact, that many of these claims recite 
additional features that are not disclosed or suggested in Pinkert and that patentably 
distinguish over Pinkert. 

For example, claim 4 requires that the list of wildcarded resource identifiers 
comprises an ordered list of wildcarded resource identifiers, and that the ordered list be 
ordered in accordance with the predetermined set of precedence values; and claim 5 
specifies the method for sequentially comparing the resource identifier received in an 
access request with each wildcarded resource identifier in the ordered list. Again Pinkert 
discloses only that an operating system may set up access controls, but does not discuss 
how this may be done. Claims 4 and 5, accordingly, should be allowable in their own 
right as well as by virtue of their dependency from claim 1 . 

Claims 6-8 recite further details of the security policy method of the present 
invention which are not disclosed or suggested by Pinkert, and these claims should also 
be allowable over Pinkert in their present form. 

Independent claims 10, 19 and 28 recite features that are similar to those recited 
in claim 1, and these claims should also be allowable in their present form for similar 
reasons as discussed above with respect to claim 1* Claims 11-17 depend from and 
further restrict claim 10, and claims 20-26 depend from and further restrict claim 19; and 
these claims should also be allowable in their present form by virtue of their dependency 
and for the reasons discussed above with respect to claims 4-8. 

Therefore, the rejection of claims 1-8, 10-17, 19-26, and 28 under 35 US.C. 
§ 103 has been overcome. 
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H. 35 U.S,C. 6 103. Obviousness - Claims 9. IS. and 27 

The Examiner has rejected claims 9, 18, and 27 under 35 U.S-C § 103(a) as being 
unpatentable over Pinkert (Pinkert and Wear, Operating Systems, Concepts,, Policies, and 
Mechanisms, Prentice Hall, 1989, pgs 4, 205-207) and Whitney 
(http://www.eU.sd^ This 
rejection is respectfully traversed* 

Claims 9, 18 and 27 depend from and further restrict one of claims 1,10 and 19, 
Whitney does not supply the deficiencies in Pinkert as described above, and claims 9, 18 
and 27 should be allowable in their present form, at least by virtue of their dependency. 

Therefore, the rejection of claims 9, 18, and 27 under 35 U.S.C. § 103 has been 
overcome. 

Hi. Conclusion 

For all the above reasons, it is respectfully urged that claims 1-28 are allowable in 
their ptresent forth, and that this application is now in condition for allowance. It is, 
accordingly, respectfully requested that the Examiner so find and issue a Notice of 
Allowance in due course. 

The Examiner is invited to call the undersigned at the below-listed telephone 
number if in the opinion of the Examiner such a telephone conference would expedite or 
aid the prosecution and examination of this application. 

DATE: f&bvv**** i3 J 2ooi J > 



Respectfully submitted, 




P.O. Box 802333 
Dallas, TX 75380 
(972)385-8777 



Attorney for Applicant 
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